Analytics Story: Splunk Vulnerabilities
Description
Keeping your Splunk Enterprise deployment up to date is critical and will help you reduce the risk associated with vulnerabilities in the product.
Why it matters
This analytic story includes detections that focus on attacker behavior directly targeting your Splunk environment.
Detections
Data Sources
Name | Platform | Sourcetype | Source |
---|---|---|---|
Splunk | | splunkd_ui_access | splunkd_ui_access.log |
References
Source: GitHub | Version: 1